Glossary Term

Step-up Authentication

More About Plurilock

PDF

White Paper: Advanced Authentication

The state of authentication today—and why you need Plurilock products.
PDF

Plurilock Quad Chart

Quick, visual summaries of Plurilock value, use cases, architecture, and typical clients.
PDF

2019 Authentication Guide

Summary of authentication recommendations from major standards bodies, plus Plurilock’s own recommendations.
PDF

Behavioral Biometrics Guide

The definitive guide to behavioral biometrics, a core Plurilock technology.

Step-up Authentication is an additional step in a login or authentication workflow in which a user is asked to provide additional confirmation of their identity. Step-up authentication is generally used when the results of an initial authentication attempt are either uncertain or rejected, and provides a further opportunity for the user to prove their identity using an identity factor that they have not yet provided.¶For example, if a user logging in to a Plurilock ADAPT-enabled workflow is able to provide the correct username and password, yet their identity score falls slightly below the configured threshold for a positive decision, they may be prompted to provide step-up authentication in the form of an SMS code or an email link click. If they are able to provide this further proof of their identity, they may then be logged in.¶Step-up authentication enables administrators to manage boundary cases in authentication without the need for manual intervention and without having to unnecessarily exclude legitimate users. Less positively, however, step-up authentication represents an additional workflow step that may drive user frustration or harm user productivity, This drawback is a key factor in the adoption of Plurilock products, which reduce instances of step-up authentication by over 90 percent.

Stay informed. Join our low-volume list for news and updates.

PLURILOCK IS THE LEADER IN ADVANCED AUTHENTICATION

Plurilock is the leader in advanced, risk-based authentication. We provide invisible, device-free MFA for corporate endpoints, Citrix sessions, cloud applications, and their users in finance, healthcare, education, and SaaS.

Follow

        

Contact Plurilock

Have a question or comment?